package com.springsecirtytest.activiti1.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

public class ActivitiSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private LoginSuccessHandler loginSuccessHandler;
    @Autowired
    private  LoginFailureHandler loginFailureHandler;
    @Override
    protected  void  configure(HttpSecurity httpSecurity) throws Exception{
        httpSecurity.formLogin()
                    .loginPage("/login")
                    .loginProcessingUrl("/login")
                    .successHandler(loginSuccessHandler)
                    .failureHandler(loginFailureHandler)
                    .and()
                    .authorizeRequests()
                    .anyRequest().permitAll()
                    .and()
                    .logout().permitAll()
                    .and()
                    .csrf().disable()
                    .headers()
                    .frameOptions()
                    .disable();
    }
}
